The transition to NetApp MS Azure AD B2C is complete. If you missed the pre-registration, you will be invited to reigister at next log in.
Please note that access to your NetApp data may take up to 1 hour.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

Active IQ Unified Manager Discussions

WFA LDAP Groups - Allow 'Domain Users' to login

ChadPruden

Looking for a way to allow anyone in our company the ability to login to WFA... we will then restricting what they can see/do by securing the Categories, or within the workflows themselves.  

 

Otherwise, we'd want to leverage an API call to add new LDAP group, but looking at Swagger docs, doesn't seem there is a PUT /rest/ldap_group

 

WFA 4.1RC

1 ACCEPTED SOLUTION

sinhaa

@ChadPruden

 

Separation of LDAP Groups management was done in WFA4.1. But for backword compatibility of APIs, we have kept the API same as before.

 

The WFA Domain groups can be Added using the api /system/ldap on method PUT. On swagger doc you can see it under System Operations -> User Management

 

 

This API will set your LDAP authentication along with the LDAP groups.

 

So if you want to add another LDAP group to the existing list via APIs, do the following

 

Assuming your LDAP Authentication is already enabled. 

 

1. Do a GET on  /system/ldap to get the current configuration.

 

2. On the response body, Add your new group for the specific role. Since you want resticted Catgory based access, you should add it into <operatorGroups>

 

3. Call POST on /system/ldap

 

Done.

 

API /system/ldap will show the groups. Also /system/ldap_group will also get this Group in response.

 

 

sinhaa

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

1 REPLY 1

sinhaa

@ChadPruden

 

Separation of LDAP Groups management was done in WFA4.1. But for backword compatibility of APIs, we have kept the API same as before.

 

The WFA Domain groups can be Added using the api /system/ldap on method PUT. On swagger doc you can see it under System Operations -> User Management

 

 

This API will set your LDAP authentication along with the LDAP groups.

 

So if you want to add another LDAP group to the existing list via APIs, do the following

 

Assuming your LDAP Authentication is already enabled. 

 

1. Do a GET on  /system/ldap to get the current configuration.

 

2. On the response body, Add your new group for the specific role. Since you want resticted Catgory based access, you should add it into <operatorGroups>

 

3. Call POST on /system/ldap

 

Done.

 

API /system/ldap will show the groups. Also /system/ldap_group will also get this Group in response.

 

 

sinhaa

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public